Need help? Chat now!
Search results for:
Researchers at the security company Symantec claim that an "unpatched security vulnerability" in Microsoft's Internet Explorer browser – versions 9 and 10 – has been "_exploited by hackers in a widespread attack aimed at stealing users' online banking credentials," according to an article published by The Daily Caller website. The report indicates that the vulnerability – which attracted numerous, dramatic attacks – was noted on a blog posted by Symantec on Tuesday, saying that "attacks by hackers shifted from smaller, targeted groups to a more widespread and far-reaching base of users."
The report quoted Symantec's post to say, "_We've observed trends suggesting that attacks targeting this vulnerability are no longer confined to advanced persistent threats (APT) — the zero-day attacks are expanding to attack average Internet users as well. If the attack is successful, the exploit drops a banking Trojan that steals login details from certain banks. " According to the report, an attack on the Veterans of Foreign Wars website – discovered by FireEye researchers on Feb. 13 – was the first time the "security flaw" was exploited.
Since the initial attack, this flaw has been discovered on numerous websites, including "_a mountain hiking community, dating service, language educator, financial market information provider, Japanese tour provider, online shopping outlet, and the French aerospace association GIFAS," according to the article. The article indicates that all websites affected "_were found to either be hosting the exploit or had an outside mechanism installed to load the hack into users' systems from another infected site._"
Written by Bryon Turcotte / February 28, 2014